METHOD FOR DATA SECURITY WITH LOCK IN A HARD DISK AND A SOLID 

STATE DISK 

BACKGROUND OF THE INVENTION 

1. Field of The Invention: 

5 The present invention relates to a method for data security with lock in a 

hard disk and a solid state disk, and, particularly, to a new, practical and 
convenient method, which can enhance the security of data in a disk. 

2. Description of Related Art: 

Currently, for a hard disk (HD) or a solid state disk (SSD), the security of 
10 the inner data thereof is getting important due to the popularity of home information 
electrical appliances. Accordingly, how to secure the data in a disk is an important 
subject from the standpoint of protection of the intellectual property with regard to 
the saved programs created by the system designer or the data maintenance for 
the system user. At the present, each partitioned zone provides the same function 
15 after the disk is divided into several zones, that is, each of the partitioned zones 
can be read and written such that it is not possible for partitioned zones to be made 
a distinction between them and identify which zone is a read and write zone, which 
zone is ROM zone, and which zone is a protect zone against read and write- 
Therefore, it is unable to satisfy the demand with regard to the secure maintenance 
20 of disk data for the user. 

SUMMARY OF THE INVENTION 

Accordingly, an object of the present invention is to provide a method for 
data security with lock in a hard disk and a solid state disk, which makes a 
frequently used system record possible to be saved in a user zone. The main 
25 system program or the drive program can be saved in a ROM zone to avoid that the 
programs are subjected to an abnormal change or a not allowed change and 



revision so as not to damage the operation of the system. A core program of the 
system can be saved in a protect zone and the password has to be confirmed 
before the core program can be executed. Therefore, the present invention can 
offer the disk system an effective protection with lock so as to protect the 
intellectual property of the system designer and the secret data of the user reliably. 
Therefore, the function provided in the present invention is not possible to be 
performed by the conventional various types of disk drivers. 

The present invention provides a method for data security with lock in a 
hard disk and a solid state disk, and the method comprises following steps, a 
procedure for partitioning a disk drive into a plurality of disk zones; 

offering a plurality of registers for indicating a record of a size of the 
respective partitioned disk zone; and offering a procedure of mathematical 
operation for treating a user input data and a register data. 

In order to achieve the preceding object, a register Rjndex, a register 
P_index and a register LBA_max are used for indicating records of three 
partitioned zone sizes. When the register Rjndex^ 1 and the register LBA_max> 
the register P_index>the register Rjndex, the disk drive is divided into three 
zones, the disk drive is divided into the user zone, the ROM zone and the protect 
zone. When the register Rjndex ^1 and the register LBA_max=the register 
P_jndex>the register Rjndex, the disk drive is divided into two zones, the user 
zone and the ROM zone, when the register Rjndex ^ 1 and the register 
LBAjnaxthe > the register PJndex= the register Rjndex, the disk drive is 
divided into two zones, the user zone and the protect zone. When the register 
Rjndex^ 1 and the register LBA_max = the register P index = the register 
Rjndex, the disk drive is divided into the user zone. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The present invention can be more fully understood by reference to the 
following description and accompanying drawings, in which: 
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Fig. 1 is a flow chart illustrating the process performed in a preferred 
embodiment of the present invention; 

Fig. 2 is a table illustrating disk commands corresponding to actions of 
each partitioned zone under a lock mode in the preferred embodiment; 

5 Fig. 3 is a schematic diagram illustrating a disk in a state of being divided; 

Fig. 4 is a plan view illustrating a structure of various registers; 

Fig. 5 is a flow chart of setting up a vender code and a vender lock in the 
preferred embodiment of the present invention; 

Fig. 6 is a schematic diagram illustrating an operation mode of firmware in 
10 the preferred embodiment during treating a password; and 

Fig. 7 is a flow chart for deleting function of the ROM zone and the protect 
zone in the preferred embodiment. 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Referring to Fig. 1, a flow chart of processing a method for data security 
15 with lock in a hard disk and a solid state disk according to the present invention is 
illustrated. First of all, the disk drive 1 is divided into several zones by way of disk 
partition, and, for instance, the disk drive 1 is divided into two or three logic disks 
and the logic disks are given a zone definition with a read or write restriction for 
performing specific functions. 

20 Hence, the present invention defines three zone names, i.e., a ROM zone 

11, a protect zone 12 and a user zone 13. Thus, the disk drive 1 can be divided 
with a partition way of four different arrangements, which are listed hereinafter: 

(1) the user zone 13, the ROM zone 1 1 and the protect zone 12. 

(2) the user zone 13 and the ROM zone 1 1 . 
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(3) the user zone 13 and the protect zone 12. 

(4) the user zone 13. 

The user zone 13 can execute all the ATA commands as the ordinary disk 
drive does, but the ROM zone 11 can read data only so that data erase or data 
5 write is prohibited in the ROM zone 11. The protect zone 12 executes any 
command related to operating the sectors in the zone (Reference to Fig. 2, which 
illustrates the disk drive commands operating each zone under a lock mode.) so 
that it is not possible to read and write data in the protect zone 12 so as to perform 
the protect function. 

1° The user can decide the size of each zone via a proper utility such as the 

disk partition program FDISK or DiskEdit in DOS so as to offer a handier way to 
perform zone partitioning in the disk drive. The ROM zone 1 1 and the protect zone 
12 provide the same function as the user zone 13 so that all commands can be 
executed at the ROM zone 11 and the protect zone before being enabled. 

15 After the disk drive 1 being partitioned physically, three registers, R_index 

111, P_index 121 and LBA_max, are set up to record the physical location of each 
zone with the size thereof in the disk drive 1 . 

Referring to Fig. 3, the meaning of theses three registers, R_index 111, 
P_index 121 and LBAjnax, are illustrated and these three parameters can be 

20 utilized to determine the partitioned disk. The rule for determining the partitioned 
disk is as follows: (1)When the register R index^l and the register LBA_max> 
the register P_index>the register R_index, the disk drive 1 is divided into three 
zones, the user zone 13, the ROM zone 11 and the protect zone 12. (2)When the 
register R_index^1 and the register LBA_max=the register P_index>the register 

25 R_index, the disk drive 1 is divided into two zones, the user zone and the ROM 
zone. (3) When the register R_index^1 and the register LBAjnax > the register 
P_index= the register R_index, the disk drive 1 is divided into two zones, the user 
zone and the protect zone. (4) when the register R_index^1 and the register 
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LBA_max=the register Pjndex= the register Rjndex, the disk drive is divided 
into the user zone.Wherein, the three registers, Rjndex 111, Pjndex 121 and 
LBA_max, are assigned a value by way of the utility and, for instance, the utility A 
can find the length of each zone in a master boot record (MBR) of the disk drive 1 
5 automatically and assign a value to the three registers, Rjndex 111, PJndex 121 
and LBA_max respectively after counting. 

After being set up and before being assigned a password, the ROM zone 
11 and the protect zone 12 can execute all the ATA commands of the disk as the 
user zone 13 does. At this time, a R password 30 and a PjDassword 31 are 
10 provided with a default value of OxFFFFFF initially and the related functions of the 
ROM zone 11 and the protect zone 12 can start after being enabled by the disk 
control firmware once the R_password 30 and the P_password 31 are assigned a 
value different from OxFFFFFF. 

When the power is on or the system is reset with any means and with the 
15 disk control firmware having detected the R_password 30 or the R_password 31 
being not the default value, the data protect function provided in the ROM zone 1 1 
or in the protect zone 12 starts. However, if the ROM zone does not exist, the 
P_password 31 is prohibited. 

Referring to Fig. 4, various registers in the preferred embodiment are 
20 illustrated. It can be seen in Fig. 4 that it shows a register structure related to the 
password design and the R_password 30 and the PjDassword 31 can be assigned 
through an external program. 

The system designer owns a control code, which is called a vender code 
20 here, and the vender code 20 is an independent control code. A vender key 21 
25 is set up by the system assigner and it is treated a number similar to the batch 
number. Both of the vender code 20 and the vender key 20 are input by way of an 
independent external application program such as a utility B. Key numbers 40, 41 
is assigned by the system user through the utility A. The key numbers 40, 41 have 
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8 bites respectively with 7 bites thereof being effective and are defined that the nth 
password in 128 passwords is effective. Because any password has a size of 4 
bytes, 512 bytes of passwords have to be recognized during each check for the 
passwords. The flow chart shown in Fig. 5 illustrates the process for setting up the 
5 vender code 20 and the vender key 21 . 

It means the function of the ROM zone 1 1 or the protect zone is in a state 
of starting or locking as soon as the R_password 30 and P_password are 
assigned. In case of the ROM zone 11 or the protect zone 12 being unlocked, it is 
necessary to perform a check and an unlock procedure via special disk command. 
10 If the check for passwords is failed, the functions of the ROM zone 11 and the 
protect zone 12 start immediately. The disk commands for detecting the password 
are defined in Table 1 and the table 1 includes ATA command codes specially 
defined in the present invention, description of input rules, description of error 
response and instruction for commands. 

15 Table 1 : ATA commands for password detection. 



Command code-FEh 



Address 


ATA 


Default | 


0x117 


Command 


OxFE 


0x1 f6 


Drv/Head 




0x1 f5 


CylMSB 




0x1 f4 


CylLSB 




0x1 f3 


SecNum 




0x1f2 


SecCnt 


OxFE 


0x1f1 


Feature Cmd 


OxAA/OxBB 



OxAA: indicating detection of R_password 30 
OxBB: indicating detection of P_password 31 



20 Error response output-the component part may respond to ABRT of the 

error register if the command is not supported, and data is in the ROM zone 1 1 or 
in the protect zone 12. 
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Status register 


Error register 


RDY 


DWF 


CORR 


ERR 


UNC 


IDNF 


ABRT 


AMNF 


X 


X 




X 






X 





Description of commands- the command may request a disk sector of data to be 
sent from the host and the function of commands can be controlled by way of the 
data. 



Referring to Fig. 6, the firmware corresponding to the operation mode of 
5 password in the preferred embodiment of the present invention is illustrated. As 
soon as the firmware has obtained an effective password 22 designated by the key 
numbers 40, 41 among 128 passwords, a calculation process shown in Fig. 6 is 
performed such that the function of the ROM zone 11 or the protect zone 12 is 
unlocked in case of calculated result being the same as the R_password 30 or the 
10 Pjassword 31 . That is, the read only function of the ROM zone 1 1 or the protect 
function of the protect zone is disabled so that the ROM zone 1 1 or the protect 
zone can be read or written data as the user zone does. 

Referring to Fig. 7, a flow chart of unlocking function of the ROM zone and 
the protect zone in the preferred embodiment of the present invention is illustrated. 

is It is appreciated from the foregoing, the frequently used system record can 

be saved in the user zone 13 and the main system program or the drive program 
can be saved in the ROM zone 1 1 to avoid that the programs are subjected to 
abnormal or not allowed change and revision so as not to damage the operation of 
the system. The core program of the system can be saved in the protect zone 12 

20 and the password has to be confirmed before the core program can be executed. 
Therefore, the present invention can give the disk system an effective function of 
protect with lock to protect the intellectual property for the system designer and to 
protect the data in secret for the user reliably. These advantages are not possible 
for all conventional types of disk drives to reach effectively. 
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While the invention has been described with reference to a preferred 
embodiment thereof, it is to be understood that modifications or variations may be 
easily made without departing from the spirit of this invention, which is defined in 
the appended claims. 



